Skip to main content

Web Services

The Web Services section allows you to configure how the Admin and Client Web UIs are hosted and accessed. You can set which interfaces they bind to, control the ports and protocols in use, and define client connection options.

This section includes two tabs:

  1. Admin Web Server

  2. Client Web Server

🛠️ Admin Web Server

Configure how the Admin Web UI is served over the network.

  • Ports and protocols

    • Make the admin web server available on selected interfaces: Choose which interfaces the Admin Web UI listens on (e.g., All interfaces, eth0 192.168.0.1/24, etc.). If clients can't access the interface listed, they can't connect to the server.

    • TCP port: Define the port used to access the Admin Web UI (default is 943).

    • TLS protocol: Select which versions of TLS (transport layer security) are allowed for HTTPS connections. This setting applies to both the Admin and Client Web servers.

    • Make the admin web server also reachable on OpenVPN TCP daemon port 443: Toggle to also make the Admin Web UI reachable on the OpenVPN TCP port.

      Tip

      Allowing access on port 443 can be useful in environments where firewalls block other ports.

🌐 Client Web Server

Configure access settings for the Client Web UI, including profile delivery and client options.

  • Ports and protocols

    • Use the same address and port as the admin web server: Toggle to simplify configuration by using the same interface and port.

    • Make the client web server available on selected interfaces: Specify which interfaces the Client Web UI listens on.

    • TCP port: Define the port for the Client Web UI (default is 943).

    • Also make the client web server reachable on OpenVPN TCP daemon port 443: Toggle to make the Client Web UI reachable on port 443.

  • Client Web UI settings

    • Only allow administrative access to the Client Web UI: Toggle to limit access to administrators (hides download options for end-users).

    • Profile availability: Choose which type of connection profiles are available for download.

    • OpenVPN Connect OS availability: Select which platforms users can download clients for.

    • Define friendly profile name: Define how connection profiles are labeled. The default format is user@hostname.com.

      Important

      Disabling profile types or client platforms here prevents them from being shown to users via the Client Web UI.